OpenSSL Gets Hard-Fought Revalidation
Linked by Thom Holwerda on Fri 9th Feb 2007 19:13 UTC, submitted by Dolores Parker
Privacy, Security, Encryption "After a long and arduous journey that included a suspended validation last year, the Open Source Software Institute has announced that OpenSSL has regained its FIPS 140-2 validation and is now available for download. The validation process, which normally lasts a few months, took an astounding five years to complete, and those involved with the projects say they are already devising ways to avoid such long delays in future validations."
E-mail Print r 1   8 Comment(s) http://osne.ws/da7
Order by: Score:
Add Comment Post a Comment
Finished docs!
by Nutela on Fri 9th Feb 2007 20:05 UTC
Nutela
Member since:
2006-02-09

..would be nice to have too!

Reply Score: 1

RE: Finished docs!
by jo42 on Mon 12th Feb 2007 16:36 UTC in reply to "Finished docs!"
jo42 Member since:
2006-02-20

> ..would be nice to have too!

"Read The Source, Luke..."

(sorry, couldn't resist ;)

Reply Score: 1

No docs
by CrLf on Fri 9th Feb 2007 22:14 UTC
CrLf
Member since:
2006-01-03

OpenSSL never had proper documentation. It's amazing how it got to be so popular, and how it got certified... since I presume that requires proper documentation...

Reply Score: 1

RE: No docs
by kernelpanicked on Fri 9th Feb 2007 22:44 UTC in reply to "No docs"
kernelpanicked Member since:
2006-02-01

My experience obviously doesn't match yours. I spend quite a bit of time in the openssl man pages and they're pretty damn good. Not only is there a rather lengthy man page for openssl but each one of it's functions has it's own man page that's extremely complete.

Reply Score: 5

RE[2]: No docs
by ts__ on Fri 9th Feb 2007 23:36 UTC in reply to "RE: No docs"
ts__ Member since:
2006-01-22

Some functions are totally undocumented, such as PKCS5_PBKDF2_HMAC_SHA1.

It is popular because it is the best SSL/crypto toolkit. However, most people using it have no idea how to use it properly (DH-parameters, CRL handling, etc. is important).

Edited 2007-02-09 23:44

Reply Score: 2

RE[3]: No docs
by the_trapper on Sat 10th Feb 2007 20:08 UTC in reply to "RE[2]: No docs"
the_trapper Member since:
2005-07-07

If you don't like openssl, there's also

-gnutls http://www.gnu.org/software/gnutls/

and

-Mozilla NSS http://www.mozilla.org/projects/security/pki/nss/

So, openssl isn't the only game in town, but it does have pretty nice licensing terms, excellent portability, and a mature codebase. I've found the documentation to not be too bad, and there are lots of tutorials out there, not to mention the source code is available for browsing.

Reply Score: 3

RE[4]: No docs
by Janizary on Sun 11th Feb 2007 05:35 UTC in reply to "RE[3]: No docs"
Janizary Member since:
2006-03-12

Yup, the lack of viral licence does help it emensely, and being a dependency of extremely popular programmes like OpenSSH doesn't hurt it's popularity either.

Reply Score: 2

Good for Open Source
by joecool on Sun 11th Feb 2007 15:54 UTC
joecool
Member since:
2006-02-19

This article describes yet another great win for open source software. Regaining this validation despite the CMVP receiving all sorts of commercial FUD is just more assurance that open source software can stand beside its commercial counterparts.

Reply Score: 2

Add Comment Post a Comment